coinfayscom.auth.login.atmds.com Open in urlscan Pro
50.87.146.199 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://coinfayscom.auth.login.atmds.com/
Submission: On June 06 via api (June 6th 2024, 6:48:28 am UTC) from US — Scanned from DE

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 16 HTTP transactions. The main IP is 50.87.146.199, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is coinfayscom.auth.login.atmds.com.
TLS certificate: Issued by R3 on June 5th 2024. Valid for: 3 months.

This is the only time coinfayscom.auth.login.atmds.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	50.87.146.199 50.87.146.199	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
8	172.67.73.23 172.67.73.23	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.67.196.183 172.67.196.183	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
16	4

3 50.87.146.199 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: gator3013.hostgator.com

coinfayscom.auth.login.atmds.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.67.73.23 (United States)

ASN13335 (CLOUDFLARENET, US)

za.gl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.196.183 (United States)

ASN13335 (CLOUDFLARENET, US)

coinfays.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	za.gl za.gl	77 KB
4	coinfays.com coinfays.com	177 KB
3	atmds.com coinfayscom.auth.login.atmds.com	4 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 70	859 B
16	4

	Domain	Requested by
8	za.gl	coinfayscom.auth.login.atmds.com za.gl
4	coinfays.com	coinfayscom.auth.login.atmds.com
3	coinfayscom.auth.login.atmds.com	coinfayscom.auth.login.atmds.com
1	fonts.googleapis.com	za.gl
16	4

This site contains no links.

Subject Issuer	Validity	Valid
www.coinfayscom.auth.login.atmds.com R3	`2024-06-05` - `2024-09-03`	3 months	crt.sh
za.gl E1	`2024-05-07` - `2024-08-05`	3 months	crt.sh
coinfays.com GTS CA 1P5	`2024-05-30` - `2024-08-28`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://coinfayscom.auth.login.atmds.com/
Frame ID: F7BF0B8ABE6ADA736E68826578426A03
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign In

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

16
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

258 kB
Transfer

538 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
coinfayscom.auth.login.atmds.com/ 8 KB
3 KB 6287ms
5704ms Document
text/html 50.87.146.199
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://coinfayscom.auth.login.atmds.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.146.199 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: gator3013.hostgator.com
Software: Apache /
Resource Hash: d116109b7edb0eba4025caf610e73c6e4c80982d2243706d079d98fe4d409c3d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-length: 3415
content-type: text/html; charset=UTF-8
date: Thu, 06 Jun 2024 06:48:15 GMT
server: Apache
vary: Accept-Encoding

GET
H3 200 bootstrap.min.css
za.gl/vendor/bootstrap/css/ 143 KB
28 KB 123ms
74ms Stylesheet
text/css 172.67.73.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://za.gl/vendor/bootstrap/css/bootstrap.min.css?ver=6.0.36
Requested by: Host: coinfayscom.auth.login.atmds.com
URL: https://coinfayscom.auth.login.atmds.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.73.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88573de8a95b5f4c11e9bd4e96dfde2e450c4c36cead84416dfe497394ee10f0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://coinfayscom.auth.login.atmds.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 06:48:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 04 Apr 2024 11:55:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"660e952e-23a98"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nMpkh0ajGShmpZ4Sv1b4FhSqVXR25zVvdyt9Z%2F0WehB%2FreWr%2FMatgT0HjVtnLil%2FLD4zqit%2BJ6rvuVFTKeXHbERE7UpUXxgLICZvvU%2BndZMPQzmvlv4F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
x-envoy-upstream-service-time: 78
cf-ray: 88f674cf2ebf2be0-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 font-awesome.min.css
za.gl/vendor/font-awesome/css/ 30 KB
8 KB 125ms
76ms Stylesheet
text/css 172.67.73.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://za.gl/vendor/font-awesome/css/font-awesome.min.css?ver=6.0.36
Requested by: Host: coinfayscom.auth.login.atmds.com
URL: https://coinfayscom.auth.login.atmds.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.73.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49f2536799fe69214edf8a7e469c6d7124307a4e4e913651469a247c7244e81f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://coinfayscom.auth.login.atmds.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 06:48:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 04 Apr 2024 11:55:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"660e952e-78e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bkAdm8qPWB57XjybL8wzgQU3jskHX2EXHgXYXdAl2RMiHi%2BxybEh4iJG3txiSe1EC%2FXOTWGjZ3Fctj4ysvbcGzvc7b7qvUsBue8wJR5nByHN%2BNCvQypL"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
x-envoy-upstream-service-time: 73
cf-ray: 88f674cf2ec12be0-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 AdminLTE.min.css
za.gl/vendor/dashboard/css/ 163 KB
34 KB 117ms
68ms Stylesheet
text/css 172.67.73.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://za.gl/vendor/dashboard/css/AdminLTE.min.css?ver=6.0.36
Requested by: Host: coinfayscom.auth.login.atmds.com
URL: https://coinfayscom.auth.login.atmds.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.73.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9019b8c1b7bf8446fd43b8803e24187269f20f4e6c54322ac5f1a65166b06b16

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://coinfayscom.auth.login.atmds.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 06:48:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 04 Apr 2024 11:55:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"660e952d-28a9f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GGqk6Ez3sO%2B9SROgCLsIW88wEBZN3cHcy4Al%2FM4GouOfGzkD0Fa9UPn5fTF0dmxse7mogJVnbHlCCdrRvVY5K%2BqVWfO6pircwXB0WlWspGvghdM5N4fH"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
x-envoy-upstream-service-time: 78
cf-ray: 88f674cf2eb92be0-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 _all-skins.min.css
za.gl/vendor/dashboard/css/skins/ 636 B
722 B 136ms
87ms Stylesheet
text/css 172.67.73.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://za.gl/vendor/dashboard/css/skins/_all-skins.min.css?ver=6.0.36
Requested by: Host: coinfayscom.auth.login.atmds.com
URL: https://coinfayscom.auth.login.atmds.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.73.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cff4cb965324ed1dcb39fae4025267e5ad287eb82d546758a81356559f97655

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://coinfayscom.auth.login.atmds.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 06:48:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 04 Apr 2024 11:55:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"660e952d-27c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PcKNlKU9mITTWe5lrl8zmMIfqmrDkmWbsEgrl0X4IBw1sTmDJAXX0LIDdOR1Fi%2BnLbYF3Jc630WLm%2Fu6dmEAH0wRBqQo2mMKcgLhAaXUL3hRQZ8xzmo3"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
x-envoy-upstream-service-time: 76
cf-ray: 88f674cf2ec62be0-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 app.css
za.gl/css/ 3 KB
1 KB 136ms
88ms Stylesheet
text/css 172.67.73.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://za.gl/css/app.css?ver=6.0.36
Requested by: Host: coinfayscom.auth.login.atmds.com
URL: https://coinfayscom.auth.login.atmds.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.73.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11ee04d7b62011b67395b0a5563e2ced51a78e5c6a910e1a2cda2c25e1c830dc

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://coinfayscom.auth.login.atmds.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 06:48:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3720
x-envoy-upstream-service-time: 50
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 04 Apr 2024 11:55:25 GMT
server: cloudflare
etag: W/"660e952d-e88"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sp2r7pTwLOcJLJQoRED2wQB4s27abp66IJ83sl%2FaZ5BvgLELQp2HcJcd6xP3YiQcwehXlCstFjACvjVpyAQUPhPSamYcV2Pqejm4x7ZEvuVs9N1COsDK"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 88f674cf2ec92be0-FRA

GET
H3 200 cf3.png
coinfays.com/new_vision_theme/img/ 174 KB
174 KB 84ms
30ms Image
image/png 172.67.196.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://coinfays.com/new_vision_theme/img/cf3.png

Requested by

Host: coinfayscom.auth.login.atmds.com
URL: https://coinfayscom.auth.login.atmds.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.196.183 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a724586a0f467b01e6740716df6e2aa94c82efae0f244448659d75a151cf7977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://coinfayscom.auth.login.atmds.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 06:48:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 95712
alt-svc: h3=":443"; ma=86400
content-length: 177831
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Jun 2024 15:57:10 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QdQbWXpl2PuhvhQ7uxOdnGZSpvDe8DMouZaIyMLaHSPWemGYtG7Azuf2t3H%2BAmg2skPhE4e5KmC17s2mR9C5UR5x1Ej8v1w4rx3EdNaQVPi07kr6cY1sbRCOtfOIeAM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 88f674cf2d2c3832-FRA
expires: Thu, 05 Jun 2025 04:13:09 GMT

GET
H3 200 ads.js Show response
coinfays.com/js/ 191 B
674 B 77ms
23ms Script
text/javascript 172.67.196.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://coinfays.com/js/ads.js

Requested by

Host: coinfayscom.auth.login.atmds.com
URL: https://coinfayscom.auth.login.atmds.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.196.183 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://coinfayscom.auth.login.atmds.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 06:48:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 138444
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 23 Mar 2023 19:37:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Reiz127m8%2FMi6ptclOkmUoBJUbBGaCSCcY4WiVI5jzLWrtnp%2BEgUymABCs5vHXFaqApf2%2BwQOs2peH6SswKX3pcxsQ4ToNj5zB%2Fx1WBFHLLTvNyiABhcQGufZL9miqo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 88f674cf2d2d3832-FRA
expires: Thu, 04 Jul 2024 16:20:57 GMT

GET
H2 404 rocket-loader.min.js
coinfayscom.auth.login.atmds.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 0
0 211ms
210ms Script
text/html 50.87.146.199
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://coinfayscom.auth.login.atmds.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by: Host: coinfayscom.auth.login.atmds.com
URL: https://coinfayscom.auth.login.atmds.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.146.199 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: gator3013.hostgator.com
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://coinfayscom.auth.login.atmds.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 06:48:21 GMT
content-encoding: gzip
last-modified: Sat, 16 Nov 2019 01:36:39 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
content-length: 462

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
859 B 46ms
18ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Mukta&display=swap

Requested by

Host: za.gl
URL: https://za.gl/vendor/dashboard/css/AdminLTE.min.css?ver=6.0.36

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4b26d7eedcb724f4c4e19b2ab2182e01e5eb5da3effce14ab016671648bf3fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://za.gl/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Jun 2024 06:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 06 Jun 2024 06:45:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jun 2024 06:48:21 GMT

GET
H3 200 eye.svg
za.gl/vendor/dashboard/img/ 1 KB
1 KB 22ms
21ms Image
image/svg+xml 172.67.73.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://za.gl/vendor/dashboard/img/eye.svg
Requested by: Host: za.gl
URL: https://za.gl/vendor/dashboard/css/AdminLTE.min.css?ver=6.0.36
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.73.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5668abdbcb86892460efa7747fdba4c33fabd909a3cabfa75304da2ef81ee860

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://za.gl/vendor/dashboard/css/AdminLTE.min.css?ver=6.0.36
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 06:48:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Apr 2024 11:55:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5966
etag: W/"660e952e-59f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o4e66g3D7I1cuBAvvSghscK7ZBNCCNWQUc9xF%2B%2FKpXJ3hm7c1lZxEB9rXSElmaQZo%2F%2F4V%2Bklx9teD9%2FajlH1mSzTm5m9NF6UYqF6KugpRBSgchACnHIw"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
x-envoy-upstream-service-time: 99
cf-ray: 88f674d039242be0-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 Vector.svg
za.gl/vendor/dashboard/img/ 3 KB
2 KB 30ms
29ms Image
image/svg+xml 172.67.73.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://za.gl/vendor/dashboard/img/Vector.svg
Requested by: Host: za.gl
URL: https://za.gl/vendor/dashboard/css/AdminLTE.min.css?ver=6.0.36
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.73.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a6e3ecf027d247b7ac7ea3fb765e8eb540731ac5905e5c61f6907be8b24a9c8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://za.gl/vendor/dashboard/css/AdminLTE.min.css?ver=6.0.36
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 06:48:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Apr 2024 11:55:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1019
etag: W/"660e952e-c0d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q%2B9pLVqMpwwOzwXevsZaBGrnq9RVD94HRLnpxFsihM5GCL1jRkykKCGyjvAEaiwVTRElawGsPYQq%2FbDMP1LhyCPpr%2BKF5ikM3JGQ3cRSRM%2BvA%2FDi9xso"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
x-envoy-upstream-service-time: 100
cf-ray: 88f674d049472be0-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 Vector-down.svg
za.gl/vendor/dashboard/img/ 3 KB
2 KB 28ms
28ms Image
image/svg+xml 172.67.73.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://za.gl/vendor/dashboard/img/Vector-down.svg
Requested by: Host: za.gl
URL: https://za.gl/vendor/dashboard/css/AdminLTE.min.css?ver=6.0.36
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.73.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f2901698b97af8cd10825e6a010d189fee461b3f8e33157cbe884104f524fff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://za.gl/vendor/dashboard/css/AdminLTE.min.css?ver=6.0.36
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 06:48:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Apr 2024 11:55:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1019
etag: W/"660e952e-b9e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TgZM1Q1HCWrsLwragB66V9h6oUPJLNy4px04iwuiAZrgxaLUtySVu0U1v0JvFeKJObhfuqRfRGt5GJIGK2EbEeoa%2FmYCmU%2BSVEJ9I%2B5Lu3qDV2NdYWkz"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
x-envoy-upstream-service-time: 99
cf-ray: 88f674d0494a2be0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 404 logo.png
coinfayscom.auth.login.atmds.com/ 746 B
494 B 202ms
202ms Other
text/html 50.87.146.199
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://coinfayscom.auth.login.atmds.com/logo.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.146.199 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: gator3013.hostgator.com
Software: Apache /
Resource Hash: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://coinfayscom.auth.login.atmds.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 06:48:21 GMT
content-encoding: gzip
last-modified: Sat, 16 Nov 2019 01:36:39 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
content-length: 462

GET
H3 200 favicon.ico
coinfays.com/webroot/img/ 4 KB
2 KB 24ms
24ms Other
image/x-icon 172.67.196.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://coinfays.com/webroot/img/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.196.183 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b06d0349eb16beffac7c1452a77fb05b4d9dc20a04b880e3dd846def1e5d020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://coinfayscom.auth.login.atmds.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 06:48:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 63713
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 23 Mar 2023 19:37:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: image/x-icon
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nqdEx9X5E53BrY3fjlDUyaUeRX1ccdzjLJNSNSlgpx7AUoeeKudSMCHx9p5qFMoBNcGN42QWhwuWsNrnqOlHTQ%2Fy2lgC%2BJvJE8vSdY1FoChoOoYVxsLAB63givFA8Rc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 88f674d228d23832-FRA
expires: Thu, 05 Jun 2025 13:06:29 GMT

GET
H3 200 favicon.ico
coinfays.com/webroot/img/ 4 KB
0 0ms
0ms Other
image/x-icon 172.67.196.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://coinfays.com/webroot/img/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.196.183 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b06d0349eb16beffac7c1452a77fb05b4d9dc20a04b880e3dd846def1e5d020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://coinfayscom.auth.login.atmds.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 06:48:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 63713
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 23 Mar 2023 19:37:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: image/x-icon
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nqdEx9X5E53BrY3fjlDUyaUeRX1ccdzjLJNSNSlgpx7AUoeeKudSMCHx9p5qFMoBNcGN42QWhwuWsNrnqOlHTQ%2Fy2lgC%2BJvJE8vSdY1FoChoOoYVxsLAB63givFA8Rc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 88f674d228d23832-FRA
expires: Thu, 05 Jun 2025 13:06:29 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| e

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://coinfayscom.auth.login.atmds.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Message: Failed to load resource: the server responded with a status of 404 ()
recommendation	verbose	URL: https://coinfayscom.auth.login.atmds.com/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://coinfayscom.auth.login.atmds.com/logo.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

coinfays.com
coinfayscom.auth.login.atmds.com
fonts.googleapis.com
za.gl
172.67.196.183
172.67.73.23
2a00:1450:4001:811::200a
50.87.146.199
11ee04d7b62011b67395b0a5563e2ced51a78e5c6a910e1a2cda2c25e1c830dc
1f2901698b97af8cd10825e6a010d189fee461b3f8e33157cbe884104f524fff
347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca
49f2536799fe69214edf8a7e469c6d7124307a4e4e913651469a247c7244e81f
4b26d7eedcb724f4c4e19b2ab2182e01e5eb5da3effce14ab016671648bf3fb5
5668abdbcb86892460efa7747fdba4c33fabd909a3cabfa75304da2ef81ee860
63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666
6b06d0349eb16beffac7c1452a77fb05b4d9dc20a04b880e3dd846def1e5d020
88573de8a95b5f4c11e9bd4e96dfde2e450c4c36cead84416dfe497394ee10f0
8a6e3ecf027d247b7ac7ea3fb765e8eb540731ac5905e5c61f6907be8b24a9c8
8cff4cb965324ed1dcb39fae4025267e5ad287eb82d546758a81356559f97655
9019b8c1b7bf8446fd43b8803e24187269f20f4e6c54322ac5f1a65166b06b16
a724586a0f467b01e6740716df6e2aa94c82efae0f244448659d75a151cf7977
d116109b7edb0eba4025caf610e73c6e4c80982d2243706d079d98fe4d409c3d

coinfayscom.auth.login.atmds.com Open in urlscan Pro 50.87.146.199 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

258 kBTransfer

538 kBSize

0 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

3 Console Messages

Indicators

coinfayscom.auth.login.atmds.com Open in urlscan Pro
50.87.146.199 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

258 kB
Transfer

538 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions