Report - goldcoastskinclinic.com.au/.well-known/acme-challenge

Report Overview

Submitted URL
goldcoastskinclinic.com.au/.well-known/acme-challenge
IP
122.201.80.143
ASN
#38719 Dreamscape Networks Limited
Submitted
2024-04-19 03:36:57
Access
public
Website Title
info
Final URL
goldcoastskinclinic.com.au/.well-known/acme-challenge/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
goldcoastskinclinic.com.au	unknown	unknown	No data	No data	1.5 kB	5.3 kB	122.201.80.143
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-18	570 B	20 kB	142.250.74.131
i.postimg.cc	23840	2016-06-11	2018-04-11	2024-04-17	439 B	5.3 kB	162.19.61.80
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-18	442 B	6.4 kB	142.250.74.74

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-18	medium	goldcoastskinclinic.com.au/.well-known/acme-challenge	Coinbase

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (6)

URL IP Response Size

goldcoastskinclinic.com.au/.well-known/acme-challenge

122.201.80.143

301 Moved Permanently

347 B

URL User Request GET HTTP/1.1
goldcoastskinclinic.com.au/.well-known/acme-challenge
IP
122.201.80.143:443
ASN
#38719 Dreamscape Networks Limited

Certificate
IssuercPanel, Inc.
Subjectgoldcoastskinclinic.com.au
FingerprintBE:99:99:5F:AB:79:E6:9E:3D:D8:53:A6:8C:2A:65:78:12:D4:3E:6E
ValidityFri, 05 Apr 2024 00:00:00 GMT - Thu, 04 Jul 2024 23:59:59 GMT

File type
HTML document, ASCII text
Size
347 B (347 bytes)
Hash
d03e4c16da80e2ae1dc598524b1d9889
93ae1a3e9bc7e7d7d2e37d96cf06612cd4677154
023eb2720909f54dc684896db9c3fb27e8769d87a92f139bc1e2f1cba92a2610

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase

HTTP Headers

GET /.well-known/acme-challenge HTTP/1.1
Host: goldcoastskinclinic.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Fri, 19 Apr 2024 03:36:32 GMT
Server: Apache
Location: https://goldcoastskinclinic.com.au/.well-known/acme-challenge/
Content-Length: 347
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

goldcoastskinclinic.com.au/.well-known/acme-challenge/

122.201.80.143

200 OK

3.9 kB

URL User Request GET HTTP/1.1
goldcoastskinclinic.com.au/.well-known/acme-challenge/
IP
122.201.80.143:443
ASN
#38719 Dreamscape Networks Limited

Certificate
IssuercPanel, Inc.
Subjectgoldcoastskinclinic.com.au
FingerprintBE:99:99:5F:AB:79:E6:9E:3D:D8:53:A6:8C:2A:65:78:12:D4:3E:6E
ValidityFri, 05 Apr 2024 00:00:00 GMT - Thu, 04 Jul 2024 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
3.9 kB (3870 bytes)
Hash
8871a3ad9e0aa60a9cfe677f61a74492
42a5058b43609cfa810587449b25a118ac15e2ae
19827cc3e08780c667e5d0740f5f9ced8c65a1a33f0541781664e36844d33116

HTTP Headers

GET /.well-known/acme-challenge/ HTTP/1.1
Host: goldcoastskinclinic.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:36:33 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

142.250.74.131

200 OK

19 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://goldcoastskinclinic.com.au/.well-known/acme-challenge/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18668, version 1.0
Size
19 kB (18668 bytes)
Hash
8655d20bbcc8cdbfab17b6be6cf55df3
90edbfa9a7dabb185487b4774076f82eb6412270
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

HTTP Headers

GET /s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goldcoastskinclinic.com.au
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18668
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 13:47:34 GMT
expires: Wed, 16 Apr 2025 13:47:34 GMT
cache-control: public, max-age=31536000
age: 222539
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

i.postimg.cc/NF4nk7fD/dgdtryf.png

162.19.61.80

200 OK

5.0 kB

URL GET HTTP/2
i.postimg.cc/NF4nk7fD/dgdtryf.png
IP
162.19.61.80:443
ASN
#16276 OVH SAS

Requested by
https://goldcoastskinclinic.com.au/.well-known/acme-challenge/
Certificate
IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintF9:1B:A9:B2:AB:2D:30:75:4E:44:3F:7A:6F:40:77:77:39:CE:1B:13
ValidityWed, 21 Feb 2024 07:13:33 GMT - Tue, 21 May 2024 07:13:32 GMT

File type
PNG image data, 455 x 111, 8-bit colormap, non-interlaced
Size
5.0 kB (4966 bytes)
Hash
2a1532e76ca86d27bae34bee7770c4b7
5f73a5e8ac448324d02bc6fc4af90d8a5c88733d
47f11b95f73135f7bc623be4083187d4d6343d17f9672214515576be46f81fdf

HTTP Headers

GET /NF4nk7fD/dgdtryf.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goldcoastskinclinic.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 03:36:33 GMT
content-type: image/png
content-length: 4966
last-modified: Wed, 04 Oct 2023 21:20:17 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

goldcoastskinclinic.com.au/favicon.ico

122.201.80.143

404 Not Found

392 B

URL GET HTTP/1.1
goldcoastskinclinic.com.au/favicon.ico
IP
122.201.80.143:443
ASN
#38719 Dreamscape Networks Limited

Requested by
https://goldcoastskinclinic.com.au/.well-known/acme-challenge/
Certificate
IssuercPanel, Inc.
Subjectgoldcoastskinclinic.com.au
FingerprintBE:99:99:5F:AB:79:E6:9E:3D:D8:53:A6:8C:2A:65:78:12:D4:3E:6E
ValidityFri, 05 Apr 2024 00:00:00 GMT - Thu, 04 Jul 2024 23:59:59 GMT

File type
HTML document, ASCII text
Size
392 B (392 bytes)
Hash
175f6d6e2094147395ea74018ec22515
0a22c7339d8a27e8cd6e054fd034a7ff14446791
4cd0597706b4fa4394ee7fc666b4fff98651d270862ddd7c8482858873becc24

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: goldcoastskinclinic.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goldcoastskinclinic.com.au/.well-known/acme-challenge/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Fri, 19 Apr 2024 03:36:34 GMT
Server: Apache
Content-Length: 392
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

fonts.googleapis.com/css?family=Open+Sans

142.250.74.74

200 OK

5.8 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://goldcoastskinclinic.com.au/.well-known/acme-challenge/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (5866), with no line terminators
Size
5.8 kB (5776 bytes)
Hash
9a9a7fec0410c78b8c7601306b9fa182
7d736470060c2cbab18d2a59c043202c2d3dbaac
6a2126bd16491c04d2f664d8acb3a7ad24ec144e02bffd62db7254bee91567f0

HTTP Headers

GET /css?family=Open+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goldcoastskinclinic.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 03:36:33 GMT
date: Fri, 19 Apr 2024 03:36:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (6)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers